<?php

if ($_POST['destroy-session'] != "yes") {
    session_start();
    $_SESSION['fingerprint'] = md5('SECRET-SALT' . $_SERVER['HTTP_USER_AGENT']);
} else {
    session_start();
    session_regenerate_id();
    $_SESSION['fingerprint'] = md5('SECRET-SALT' . $_SERVER['HTTP_USER_AGENT']);
}

require_once("_head.php");

mkheader("sessions!", "#aea");
?>

  <body>

    <!-- ======================================================= -->
    <?php
    if ($_POST['destroy-session'] == "yes") {
        session_destroy();
        $_SESSION = array();

        ?>
            <p>Successfully destroyed session</p>
            <a href="<?php echo $_SERVER['PHP_SELF']; ?>">clear this</a>
        <?php
    } else {
        ?>
            <form name="session_destroy" action="" method="POST">
              <input type="hidden" name="destroy-session" value="yes" />
              <input type="submit" name="submit" value="Destroy Session" />
            </form>
        <?php
    }

    ?>

    <!-- ======================================================= -->
    <pre><?php

    print("Current session data:\n");
    print_r($_SESSION);

    ?></pre>

    <!-- ======================================================= -->
    <pre><?php

    print("Current cookie data:\n");
    print_r($_COOKIE);

    ?></pre>


  </body>
</html>